mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-26 11:33:47 +03:00
minor fixes
This commit is contained in:
parent
627bfc589f
commit
b45ae10da4
|
@ -349,7 +349,7 @@ def checkSqlInjection(place, parameter, value):
|
||||||
if not injectable and not conf.string:
|
if not injectable and not conf.string:
|
||||||
trueSet = set(extractTextTagContent(truePage))
|
trueSet = set(extractTextTagContent(truePage))
|
||||||
falseSet = set(extractTextTagContent(falsePage))
|
falseSet = set(extractTextTagContent(falsePage))
|
||||||
candidate = reduce(lambda x, y: x or (y.strip() if y.strip() in (kb.pageTemplate or "") else None), (trueSet - falseSet), None)
|
candidate = reduce(lambda x, y: x or (y.strip() if y.strip() in (kb.pageTemplate or "") and y.strip() not in falsePage else None), (trueSet - falseSet), None)
|
||||||
if candidate:
|
if candidate:
|
||||||
conf.string = candidate
|
conf.string = candidate
|
||||||
infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=%s)" % (place, parameter, title, repr(candidate).lstrip('u'))
|
infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=%s)" % (place, parameter, title, repr(candidate).lstrip('u'))
|
||||||
|
|
|
@ -2161,8 +2161,8 @@ def extractTextTagContent(page):
|
||||||
Returns list containing content from "textual" tags
|
Returns list containing content from "textual" tags
|
||||||
"""
|
"""
|
||||||
|
|
||||||
page = re.sub(r"(?si)[^\s]*%s[^<]*" % REFLECTED_VALUE_MARKER, "", page or "")
|
page = re.sub(r"(?si)[^\s>]*%s[^<]*" % REFLECTED_VALUE_MARKER, "", page or "")
|
||||||
return [_.group('result') for _ in re.finditer(TEXT_TAG_REGEX, page)]
|
return filter(None, (_.group('result').strip() for _ in re.finditer(TEXT_TAG_REGEX, page)))
|
||||||
|
|
||||||
def trimAlphaNum(value):
|
def trimAlphaNum(value):
|
||||||
"""
|
"""
|
||||||
|
|
Loading…
Reference in New Issue
Block a user